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1 DETAILED ACTION 

2 

3 Response to Arguments 

4 

5 Applicants arguments filed 6/17/2005 have been fully considered but they are 

6 not persuasive. 
7 

8 In response, the examiner notes that the applicant argues primarily: 

9 I. The Office Actions do not establish that claims 1-5 and 10-13 are 

1 0 anticipated under 35 USC J1 02(a) by "Aziz" (US patent 6, 643, 701 to Aziz et a/.J. 

11 II. The Office Action fails to establish that claims 6-9 are unpatentable under 

12 35 USC 103(a) over Aziz in view of Sparks" (US patent number 6,167,382 to Sparks et 

13 ai). 
14 

15 Regarding applicant's argument (I), the applicant alleges, "The Examiner 



1 6 incorrectly asserts that "One particular session of communication, out of many sessions, 

1 7 may be identified by the product of the key and the encrypted communications. " This 

1 8 assertion is incorrect because the server must first determine which of the session keys 

19 to use for decryption before it can decrypt the data it receives. As far as Aziz is 

20 understood, when Aziz's server receives encrypted data, the session key is not received 

21 along with the received data. Thus, Aziz apparently uses some other mechanism to 

22 determine the correct session key before decrypting the received data, A key by itself 
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1 does not identify anything; it is generally understood to unlock something. The 

2 something must be determined from some other source (e.g., a door key found in a 

3 parking lot does not identify the door)" (Applicant's Remarks, 6/17/05, page 2). 

4 Therefore, Aziz's session keys are not shown to correspond to the claimed first and 

5 second session identifiers, nor is Aziz's use of session keys shown to correspond to the 

6 claimed use of the first and second identifiers. 

7 In response, the examiner respectfully invites the applicant to consider the 

8 following example. A key may be used to open a door. A door may be used to conceal 

9 an object. An object (i.e. a book) may be placed behind a door so as to be concealed. 

10 Given such, a person may be aware that a plurality of objects are capable of being 

1 1 concealed behind the door, but is unable to ascertain what object is actually present 

12 since it is hidden from view. Thus, how may that person identify the object behind the 

13 door? That person may utilize the key upon the door so as to reveal the object. In like 

14 manner, an encryption key may be used to open an encryption. An encryption may be 

15 used to conceal a session. A session (i.e. transaction between client A and the server) 

16 may be encrypted so as to be concealed. Given such, an entity may be aware that a 

17 plurality of sessions are capable of being concealed within an encryption, but is unable 

18 to determine which one since it is hidden from view. Thus, how may that entity identify 

19 the particular session within the encryption? Logically, the entity utilizes a key upon the 

20 encryption so as to reveal the session. 

21 The above example is demonstrated in the reference of Aziz. Here, in fig. 3, Aziz 

22 shows that a plurality of clients may establish sessions with a single server. Therefore, 
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1 it is evident that the server is receiving a plurality of communications representing a 

2 plurality of sessions (Aziz, col. 6, lines 45-57). All communication is encrypted, thus 

3 every session is encrypted. Yet, Aziz teaches that each session is distinguished from 

4 the others. Each session is uniquely distinguished by a session key, and thus, a 

5 corresponding session encryption (Aziz, col. 2, 23-26, 42-48). A determination by both 

6 the client and server has been made to understand the unique session keys and unique 

7 corresponding encryptions as characterizing the session (Aziz, col. 2, 49-56). As such, 

8 these identifying features uniquely characterize each session apart from the others, and 

9 can therefore be called session identifiers. 

10 Further regarding applicant's argument (I), the applicant alleges, "However, even 

1 1 if Aziz's session key are assumed to corresponded to the claimed first and second 

12 identifiers, Aziz does not teach transmitting the second session identifiers. The cited 

1 3 portions of Aziz apparently teach that in initiating a session resumption, a client may 

14 identify itself to the server and indicate that it will continue to use the agreed upon keys 

1 5 from the previous handshaking. Thus, there is apparent need for, or teaching of 

1 6 retransmission of a session key from the client to the server" (Applicant's Remarks, 

17 6/17/05, page 2). 

18 In response to applicant's argument that the references fail to show certain 

1 9 features of applicant's invention, it is noted that the features upon which applicant relies 

20 (i.e., "retransmission of a session key from the client to the server") are not recited in the 

21 rejected claim(s). Although the claims are interpreted in light of the specification, 
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1 limitations from the specification are not read into the claims. See In re Van Geuns, 988 

2 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

3 Further in response to the applicants above argument, Aziz does in fact disclose, 

4 that subsequent session communications to the application program include the 

5 transmissions of session messages, characterized by their unique encryptions ("second 

6 session identifiers"), as well as unique session keys ("second session identifiers")(Aziz, 

7 col. 2, 49-56; col. 8, lines 28-32). 
8 

9 Regarding applicant's argument (II), the applicant alleges, "Among other limitations 

1 0 claim 6 includes limitations of receiving checkout requests from the wireless 

1 1 communication devices at the gateway module and transferring the checkout requests 

12 to a wallet module that manages user authentication. The Office Action cites Sparks 1 

1 3 col. 2, 1. 36-49. However, there is no apparent element in this portion of Sparks that 

1 4 corresponds to the gateway module at which checkout requests are received. Nor is 

1 5 there any apparent element that corresponds to the claimed wallet module to which the 

16 checkout requests are sent" (Applicant's Remarks, 6/17/05, page 3). 

17 In response to applicant's arguments against the references individually, one 

18 cannot show nonobviousness by attacking references individually where the rejections 

19 are based on combinations of references. See In re Keller, 642 F.2d 413, 208 

20 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 

21 1986). In this case, claims 6-9 have been rejected under 35 U.S.C. 103(a) as being 

22 unpatentable over Aziz et al. in view of Sparks et al. As previously shown by the 
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1 examiner, Aziz demonstrates a system architecture comprising a client, gateway, and 

2 server. This architecture is designed as an improvement to prior art ecommerce 

3 systems. Thus, the obvious incorporation of ecommerce methods of Sparks et al. (i.e. 

4 the transmission of checkout request from a client to a server and the sending of 

5 checkout request to a checkout module) within the facilitating system architecture of 

6 Aziz (wherein communications are transmitted from client-server/server-client via a 

7 gateway) meets the limitations as claimed (Examiner's Office Action, 3/15/05, pages 4- 

8 7). 
9 

10 

1 1 Conclusion 

12 

13 THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 

14 policy as set forth in 37 CFR 1.136(a). 

15 A shortened statutory period for reply to this final action is set to expire THREE 

16 MONTHS (not less than 90 days) from the mailing date of this action. In the event a 

17 first reply is filed within TWO MONTHS (not less than 60 days) of the mailing date of 

18 this final action and the advisory action is not mailed until after the end of the THREE- 

19 MONTH shortened statutory period, then the shortened statutory period will expire on 

20 the date the advisory action is mailed, and any extension fee pursuant to 37 

21 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no 
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1 event, however, will the statutory period for reply expire later than SIX MONTHS from 

2 the mailing date of this final action. 
3 

4 Any inquiry concerning this communication or earlier communications from the 

5 examiner should be directed to Jeffery Williams whose telephone number is (571) 272- 

6 7965. The examiner can normally be reached on 8:30-5:00. 

7 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

8 supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 

9 number for the organization where this application or proceeding is assigned is 571- 

10 273-8300. 

1 1 Information regarding the status of an application may be obtained from the 

12 Patent Application Information Retrieval (PAIR) system. Status information for 

13 published applications may be obtained from either Private PAIR or Public PAIR. 

14 Status information for unpublished applications is available through Private PAIR only. 

15 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

16 you have questions on access to the Private PAIR system, contact the Electronic 

17 Business Center (EBC) at 866-217-9197 (toll-free). 
18 

20 Jeffery Williams ^ '/^o* 

21 AU: 2137 EM ^ UE ^ 
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